Solved

ISA and USB ADSL Modems

Posted on 2006-10-29
3
310 Views
Last Modified: 2013-11-16
Hi everyone,
Some time ago I installed a small business server2003 with ISA 2000 for a client. I configured the USB ADSL modem to connect to the net and set up packet filtering according to Microsofts recomendations. The small business server only had one network card serving the internal network. All the clients on the network, as well as the small business server ran F-secure client security (which also has it's own client firewall). I hadn't experienced any problems with the installation except spam from thier external emails and one virus infestation which wa quickly retified. Although a router would have been preferable for the installation, my question is was the installation I've outlined above wrong?
my thoughts on the ISA server was that it handled the web access and therefore the server was protected behind the firewall.... in this case the sbs and the ISA were on the same server.
Thanks in advance
0
Comment
Question by:Halfhidden
  • 2
3 Comments
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 125 total points
Comment Utility
I was be hard-pressed to say it was 'wrong' to install a system this way but I would certainly not install such a configuration for a commercial organisation that had consulted me to give them 'best-advice'. It is arguably true though that using the USB drivers to make the USB device appear as a network interface does work (and obviously successfully).

With now well over 200 ISA installations behind me, I have never used and have no plans to use USB devices as an interface on an ISA server (either as direct or perimeter) but this is personal preference.

I would take the view that if the site were compromised in any way, would the client have grounds against me in court for not following best-practice? The honest answer in my view would be no, best practice is often in the eye of the installer based on industry documentation and experience; the USB device is sold as a network device and you have used it as such. If a secondary question were 'would you have used that configuration as well?' then the answer would also have been ' no, not in a month of Sundays'.

Regards
Keith
0
 

Author Comment

by:Halfhidden
Comment Utility
Thanks Keith your answer is greatly appreciated.
Regards,
Steff
0
 
LVL 51

Expert Comment

by:Keith Alabaster
Comment Utility
:)
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now